Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Privacy Your Rights Online

Fighting Terrorists Through Software, Anonymously? 257

Silwenae writes "MSNBC has a story online from this week's Newsweek about Jeff Jonas, founder of System Research and Development. SRD's software attempts to verify a person is who he says he is, and then tries to determine who that person may be connected with. Originally used in casinos, the CIA has invested in SRD for use in the war against terrorism. Apparently, Jonas has developed a system that can anonymize the data being analyzed through hashing, so the government can share this information with the private sector to look for hits, without the private sector seeing the specific data."
This discussion has been archived. No new comments can be posted.

Fighting Terrorists Through Software, Anonymously?

Comments Filter:
  • detector (Score:5, Funny)

    by Rosco P. Coltrane ( 209368 ) on Thursday March 18, 2004 @05:46AM (#8597013)
    then tries to determine who that person may be connected with.

    Does this software detect siamese twins?
  • Stealth Snooping (Score:5, Insightful)

    by R.Caley ( 126968 ) on Thursday March 18, 2004 @05:47AM (#8597016)
    [...]so the government can share this information with the private sector to look for hits, without the private sector seeing the specific data.

    I.e. so the state can put people it doesn't like on the list of people to be tracked with less risk that that person, or the rest of us, can know who is on the list.

    Yeah, that's really reassuring.

    Big brother may be watching you, but you have no way of knowing...

    • by Hektor_Troy ( 262592 ) on Thursday March 18, 2004 @06:00AM (#8597066)
      Big brother may be watching you, but you have no way of knowing...

      Which is far more scary ... to me at least.

      Personally I'd feel more comfortable travelling in China, as I know for a fact what will happen to me, if I were to air my oppinions about their government. In the USA however ... well - I'm a foreign citizen, so hey presto - enemy combatant.
      • by Anonymous Coward on Thursday March 18, 2004 @06:11AM (#8597105)
        What's really wonderful is that, since this is a static system, this is still subject to the Carnival Booth terrorist screeing attack [mit.edu] which was documented not so long ago and which guarantees that this will reduce and not increase security by allowing terrorists to identify which people they can use to carry out attacks.

        Idiots.
        • by kfg ( 145172 ) on Thursday March 18, 2004 @06:38AM (#8597184)
          This would be a valid criticism if any of these "antiterrorist" technologies had anything to do with security.

          They're about the DEA and tracking potential "politcal radicals." i.e. people who are likely to oppose you politically.

          KFG
          • Re:Stealth Snooping (Score:5, Interesting)

            by jtwJGuevara ( 749094 ) on Thursday March 18, 2004 @07:49AM (#8597442)
            So we've recreated the 2nd Red Scare, and this system, or one like it, is the one that is going to find and convict our next Sacco and Vinzetti(sp?).

            Basically, we have another instance of the current government administration taking advantage of the fact that our "freedoms are threatened" by terrorism to implement some sort of control and monitoring device on the entire population. I'm almost immune to the talk of it by now though, as we've had countless instances of things like this being proposed.

            • by nounderscores ( 246517 ) on Thursday March 18, 2004 @08:07AM (#8597521)
              About a year ago I came up with this song.

              Now I'm going to sing it.

              Puff the Nuclear Weapon

              Puff the Nuclear Weapon was pointed at Iraq,
              and waited in his submarine for the signal to attack.
              Little George Bush Junior, he loved that rascal puff,
              and all those days, he nightly prayed for the UN to get tough.

              oh
              Puff the Nuclear Weapon lived in the sea,
              protecting all our freedoms to
              a brand new SUV.
              Puff the Nuclear Weapon lived in the sea,
              protecting all our freedoms to
              a brand new SUV.

              Now Puff he liked to travel, so he wore travelling clothes
              While Bush was home and on the phone, from locations undisclosed.
              Presidents and Princes, they bowed when'ere he came,
              and Nation States lowered their flags when Puff roared out his name.

              oh
              Puff the Nuclear Weapon defender of the peace,
              securing the world's oil supply
              and the occasional golden fleece.
              Puff the Nuclear Weapon defender of the peace,
              securing the world's oil supply
              and hte occasional golden fleece.

              Plutonium lasts for ever, but not so little boys.
              ICBMs and M-16s give way to... other toys.
              And one grey day it happened: The traders broke the Dow.
              So Puff the Nuclear Weapon's on the open market now.

              His warhead packed in plastic, green crates that bore his name.
              Poor Puff would not intimidate for the Stars and Stripes again.
              Without his life long friend, poor puff could not be brave,
              so al-Qaida hid that that weapon in a deep, dark, man-made cave.

              oh
              Puff the Nuclear Weapon lived in the sea,
              but now he's in a backpack
              some where close to you and me.
              Puff the Nuclear Weapon defender of the free,
              and you can blame it all upon
              Bush fiscal policy.


              Sorry if I've just raised your subversion quotient for having read this. but hey, we're slashdotters so that means we're all pretty much under suspicion of being a little odd anyway.
            • by kfg ( 145172 ) on Thursday March 18, 2004 @09:14AM (#8597942)
              So we've recreated the 2nd Red Scare

              Second? Hell, we've been down this road so many times the cobbles are worn to little nubs. We've had the French scare, the Loyalist scare, the Mexican scare, the Spanish scare, the Nez Perce scare, the bootlegger scare and the British scare alone was milked for 100 years. The Alien and Sedition acts were passed in 1798.

              Christ almighty, if you want to get an idea of how far back this goes just read the Bible.

              KFG
        • Re:Stealth Snooping (Score:5, Interesting)

          by R.Caley ( 126968 ) on Thursday March 18, 2004 @07:04AM (#8597272)
          Also, see the Schnier's discussion in Beyond Fear of the effects of the massive number of false positives such systems must throw up (because actual terrorists are so very rare in the population).

          BTW, definitely a book everyone should read, worth it just for the anecdote of the guy who has been flying around the US using a photo ID which says he is the martian ambassador, and only had a problem when they started checking for an expiration date. Wouldn't want the Ex-martian ambassador on your plane!

          • by tom's a-cold ( 253195 ) on Thursday March 18, 2004 @10:45AM (#8598985) Homepage
            The false-positive rate should be emphasized far more than it has been. What does it mean? It means that whatever system they have in place, if it's based on statistical indicators rather than someone's hunch, will inevitably identify several innocent people for every terrorist that they find. Depending on the sensitivity of the detection algoritm, the value of "several" could be anywhere from dozens to thousands. And these people are not "borderline" terrorists in any sense. They are no more likely to be real terrorists than anyone else in the population. They're entirely innocent. So the use of such a system is guaranteed to falsely identify, stigmatize and punish large numbers of innocent people. This is not a tradeoff between freedom and security. It's a tradeoff between justice and the false perception of security.

    • by johnjay ( 230559 )
      The point of protecting the list from the private sector is because the people on the list are suspicious, but not guilty. Human nature is such that, if a person showed up on a public list of suspected terrorists their life would be ruined.

      It's a question of degree. Many people on the government's list of 'suspicous characters' are going to be innocent. Their lives will be somewhat effected by police attention, but (if the system works) they will be shown to be innocent, and removed from the list after wha
      • The point of protecting the list from the private sector is because the people on the list are suspicious, but not guilty. Human nature is such that, if a person showed up on a public list of suspected terrorists their life would be ruined.

        As someone else has pointed out, this kind of argument would have more weight if it seemed that these new systems were actually needed to combat the evil bad guys.

        It seems that the US security services had all the data they needed to prevent the 9/11 attacks, but (und

        • It seems that the US security services had all the data they needed to prevent the 9/11 attacks, but (understandably) did not join the dots. Ie what they were lacking was analysis and imagination.

          I think you missed the second part of my original post, which, looking back, is somewhat my fault for not being more clear. I was under the impression that one of the main reason the security services didn't put the dots together for 9/11 is that the FBI and the CIA were tracking the same guys but couldn't share
          • by R.Caley ( 126968 ) on Thursday March 18, 2004 @11:10AM (#8599302)
            What happens when a crime is committed? The police round up suspects. How do they get that list of suspects?

            One would hope that they start from the crime and compile the list, rather than starting from a list and trying to fit list members to the crime.

            Otherwise we end up with Louis:

            Realising the importance of the case, my men are rounding up twice the usual number of suspects.
            The classic case in the UK is the `Birmingham Six'. Faced with the worst terrorist attack ther had ever been on the UK mainland, the police started with their list and worked really hard to find some suspects who fitted. Needless to say, those convicted were eventually found innocent and set free, and the people who did it were never caught and punished.
            • "What happens when a crime is committed? The police round up suspects. How do they get that list of suspects?"

              One would hope that they start from the crime and compile the list, rather than starting from a list and trying to fit list members to the crime.


              Regardless of their methodology for determining suspects, police have to eventually do what I originally said:

              "At some point in the process of compiling the list, the police are going to have to match a collection of suspect-traits against their knowl
        • Actually, NORA would have connected the dots.

          The software is effective. That's the scary part.

          Remember that doctor that wanted to blacklist lawyers, plaintiffs and plaintiffs experts? Well, this is the sort of software that would may that work and allow such people to punish wives, boyfriends, roommates and other slightly associated 3rd parties.

          Use your imaginations. Contemplate this sort of tech being used in other strictly civilian corps.
    • by Syberghost ( 10557 )
      Big brother may be watching you, but you have no way of knowing...

      Unless you're operating under the assumption that they people they watch never, EVER turn out to be actual terrorists, I would think the reasons why that's an absolute necessity would be obvious.

      The CIA is spending money to enhance their ability to do their job, while still preserving as much of the person's privacy as possible. We should be applauding this, not lamenting it.
      • by R.Caley ( 126968 ) on Thursday March 18, 2004 @09:26AM (#8598062)
        Unless you're operating under the assumption that the people they watch never, EVER turn out to be actual terrorists, I would think the reasons why that's an absolute necessity would be obvious.

        I'm sure the East German secret police occasionaly caught someone who was an actual danger to people (rather than to the state). Would that justify their networks of secret informers etc?

        I think we are well into ``those who would give up...'' terretory here.

  • Using Hashing (Score:5, Insightful)

    by MoonFog ( 586818 ) on Thursday March 18, 2004 @05:47AM (#8597019)
    His response was to invent ANNA ("NORA's little sister," he explains), a system that "anonymizes" data by an encryption technique called hashing. Because the data are scrambled, private records can be shared with the government and secret watch lists can be distributed to private entities, all without fear--because they can't be read

    Although this is a step in the right direction, hashing algorithms can be brute forced right ?
    I mean, this information may be valid for years, a thing you did when you where 18 may still be there when you are 50. I don't think this data should be distributed much at all, even though it's encrypted.
    • by JosKarith ( 757063 ) on Thursday March 18, 2004 @05:50AM (#8597024)
      "so the government can share this information with the private sector"
      Great, so now we have to worry about cash-strapped government departments selling our personal data to spammers too.
    • Re:Using Hashing (Score:5, Informative)

      by CountBrass ( 590228 ) on Thursday March 18, 2004 @06:11AM (#8597108)

      Brute forced? Nope. Assuming they picked a decent secure hashing algorithm (ie something like a 3-pass SHA-256 and definately not MD-5) then brute forcing isn't feasible.

      The weakness is not in the hash algorithm, it's in the use the hash is being put to. See my other post for an explanation.

    • Re:Using Hashing (Score:2, Informative)

      by Laverne ( 700282 )
      Taken from whatis.com [techtarget.com].

      Hashing is the transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string.
      The hash function is used to index the original value or key and then used later each time the data associated with the value or key is to be retrieved. Thus, hashing is always a one-way operation. There's no need to "reverse engineer" the hash function by analyzing the hashed values. In fact, the ideal hash function can't be derived by such an
      • I know what a hashing algorithm is, my point was simply that if they use something like MD5, it can be brute forced, and given that they want to distribute this data more, it becomes easier to get hold of this data.
    • by billstewart ( 78916 ) on Thursday March 18, 2004 @06:13AM (#8597115) Journal
      It's possible to do things with salt or cryptography that at least mean that each recipient of the list of hashes gets a different list, and that hashes take a little while to calculate, though Moore's Law makes that a short-term advantage only (like Unix password hashes.) But sure, you can run the names of a Million Usual Suspects through any standard hashing program pretty fast, and one name through extremely fast. If it takes a second per hash, then running those million names through it is two weeks of background load, and if the hash isn't artificially slowed down, it's more like 20 minutes for your Million Usual Suspects and under a week for All Living Americans.

      And then there's the problem of extra data hidden in the hashes - some of the signature algorithms, for instance, can carry a bunch of hidden "subliminal" bits, like the one that says you're a Jew or black or Dues-Paying Republican or a Federal Agent or a Known Troublemaker.

      Spelling is a real problem. I have enough trouble because my ancestors or their relatives were either illiterate or at least using names like "Stewart" "Stuart" "Steward" and "Steuart" before English spelling became relatively standardized. But Americans munging the names of people who use other alphabets, like Arabs, or who don't use alphabets at all, like Chinese, can't just use simple hashes, because any misspelling can either let somebody whose name is the same as a Real Suspect not get flagged, or let some non-suspect whose name is close to a Real Suspect get flagged, and any terrorist smarter than the Shoe-Bomber knows to use an alternative spelling of his name or get some fake ID. You probably know Chinese people who use different names in English and Chinese, either as immigrants or kids of immigrants; I knew a Hakka Chinese family from Vietnam who also had Vietnamese names, and in at least one of their languages, they had an alternate set of names for use within the family (approximately "Number One Son" etc.) And then there's the problem of exactly which name parts to use if you've got more than three, and nicknames, etc.

      And then there's the problem of people whose names are the same as Real Suspects' names, and people who ever had their wallet stolen. Just spend a day in traffic court listening to DMV-screwed-up-and-I-got-arrested-by-mistake cases some time if you weren't already worried, or read any news article about identity theft.

    • Re:Using Hashing (Score:2, Informative)

      by goatan ( 673464 )
      I mean, this information may be valid for years, a thing you did when you where 18 may still be there when you are 50. I don't think this data should be distributed much at all, even though it's encrypted.

      This is an issue in the UK at the moment with the Soham murders in that some data (complaints of rape and indecent assault) on Ian Huntley was deleted because some police departments thought they couldn't keep it with others the information was there but not found

      More information here the BBC has a

  • by billstewart ( 78916 ) on Thursday March 18, 2004 @05:50AM (#8597025) Journal
    Great. While there are definite positive privacy things they _could_ accomplish with this, it's also open to lots of possible problems like "The computer said you matched a terrorist's name, no we don't know why, or where the list came from, we just have to cancel your account and call the police on you" which are as hard to defend against as being on the "No-Fly List" of Americans whose rights to travel are arbitrarily and unconstitutionally limited, or the "Strip-Search-Before-Flying" list, or the "Hollywood Suspected Commies Blacklist".
    • by Anonymous Coward

      ..."Strip-Search-Before-Flying" list...


      How can I get on that list?

    • Exactly. I mean, I wouldn't mind if a couple of false positives helped catch 1 terrorist. The problem becomes very large if the number of terrorists caught doesn't make up for the number of false positives. Besides, it would suck big time, if I, a Norwegian, were to visit the U.S. Then on my way back home, I'm picked as a false positive. My flight leaves in an hour, my girlfriend is let through, and I have to wait for perhaps 4 - 5 hours before they can finally confirm that I'm not a terrorist. These are th
      • You might be released, but all your financial assets will be frozen until you can be proved to be involved in terrorism. Unless, of course, you can produce convincing evicence of the countrary by your own means with a limited budget...
    • A real danger as all hashes (unless they are at least as large as the data they are hashing- which makes them a bit pointless) inherently will have collisions (ie two sets of different content will produce the same hash).

      In fact secure hashes emphasise the fact that given a hash and the content it would be difficult to modify the content to give the same hash. This is different to "there won't be any collisions".

  • As much as I am against terrorism, these technologies are going to be used on us, not terrorists! What are we going to do when our government overlords decide to enslave us? The patriot act, operations tips, now this. The war on terrorism can be faught without completely giving up our privacy and freedom. What if we don't want to be in some big government database? What if we don't want to be watched all the time, or put on some list? But you know, when you agree to give your government the power to spy
    • Re:This worries me. (Score:5, Interesting)

      by TyrranzzX ( 617713 ) on Thursday March 18, 2004 @06:59AM (#8597251) Journal
      It's also kinda sad that the voting public has the feeling that they can't do anything about it. You can say "well, that's what happens when you give up your rights.

      I can understand the angle of not wanting to lose your property and thus, being more willing to deal with crap (as most people are, if we got uppity at every turn in the road, the road would be jagged, torn, and probably wouldn't work that well). The past 6 or so presidencies have been really shitty IMO,; with each passing administration corruption increases; money is stolen, rights are taken away, and our country is torn apart brick by brick. Nixon, Bush Sr., Clinton, and now Bush Jr, all slowly taking away our rights accept for Bush Jr, who is putting a new definition to the term of "rocking the boat".

      Eventually something's gotta give. My prediction is that people are going to begin losing their incomes, and with those their livings. It was the robber-barons that caused the great depression, and eventually the stock market will collapse. I don't see buisness law becoming regulated any time soon like it was in the 50'a or 60's. Couple this with tremendous debt to other nations, a whole lotta weapons, a whole lotta enemies, devaluing currency, and corruption widespread in the high level goverment and in most lower level goverments and you've got a powder keg waiting to blow.

      Simply put, people will lose their patience. And with that loss of patience we'll see a revolution. The guys with the guns are already on the brink of it themselves.
  • NO WAY! (Score:5, Interesting)

    by paramecio ( 750982 ) on Thursday March 18, 2004 @05:51AM (#8597032)
    Apparently, Jonas has developed a system that can anonymize the data being analyzed through hashing, so the government can share this information with the private sector to look for hits, without the private sector seeing the specific data.
    I think we are reaching a point where it would become safer for us all to have the private sector playing freely with our data and sharing the anonymized hashes with the government!
    • As flawed as the government(s) may be, at least there are mechanisms in place to protect from abuse, at least in theory. In contrast, we have no such mechanisms, such as the Bill of Rights [cornell.edu] among other things, to protect from corporate abuse. This gets worse when you have a monopoly condition, even a local monopoly. Then it's even harder to vote with your feet or wallet.

      Authority without accountability is a recipe for abuse which has been illustrated many times each year. In the U.S. the corporate boar

  • Uh-huh.. (Score:5, Interesting)

    by Ketnar ( 415489 ) <KetnarNO@SPAMketnar.org> on Thursday March 18, 2004 @05:55AM (#8597043) Homepage
    Still don't like it.

    Just because they are searching for hash matches instead of plaintext doesn't mean profiling en-mass is right. It just means nosey companys who are being 'asked' won't know WHAT they are being 'asked' about.

    Gee, bob the builder knowns mahek alzis. Mahek is a suspected link betwene so and so, and then he works for this manager, and then these people. Hmm, we better start asking alot of questions..see who else matches our '(personal network) search criteria'

    What, you think i'm kidding? :)

    (And yes, some of you are going to explode that this sort of search-and-peck is not profiling, when it really is. Look it up. Searching through personal *profiles* and *information* to find any people who match enough of the criteria = profiling.)

    This sort of thing is bull, It really is. Instead of doing real investigative work, they can just whip up a list of 'possible hits',snatch them all up, and then queston and otherwise probably scare the shit out of all of them - hoping their deeper searches find a hit in the crowd.

    Welcome to the nightmare, please don't choke on the red pill while the door is hitting you in the ass. :)

    [/tinfoil-hat]
  • Does not work (Score:5, Interesting)

    by Anonymous Coward on Thursday March 18, 2004 @05:55AM (#8597045)
    There is really nothing new to this technology. It does not do what it claims. Hashing has been around for while, and so have techniques to defeat the attempted security of this type of system. Interestingly, I have seen around five stories from various forums reporting on SRD in the past week or so. It seems like some marketing department is working pretty hard.
  • by myownkidney ( 761203 ) on Thursday March 18, 2004 @05:56AM (#8597050) Homepage
    The question is, who exactly has access to our data?

    The credit card companies, for example, have access to a LOT of data. People seem to be content with that.

    And it is ridiculous how much information about your activities are already out there, though not publicly accessible, accessible to certain organisations.

    I think the scariest bit about this article is that casinos have access to your, YES YOUR, data. And if casinos can do that, so can the mafia.

    The government having access to all this information is only a part of the problem. The real problem is, how much of it is available to bad guys, like telemarketeers and the Russian Mafia.

    • Which Mafia? (Score:2, Interesting)

      You act like the Mafia has no competition, this isnt 1931, this is 2004. You have gangs, you have the irish, russian, jewish, spanish mafias, you have the yakuza, the triads, you have business men in the corporate world who are also in the criminal world, and you have gangs which are rich and powerful enough to get this information, the hells angels, the bloods, crips, latin kings, maybe some prison gangs. Basically anyone with money or influence can get this information. The casinos are run by the mafia
  • by fantomas ( 94850 ) on Thursday March 18, 2004 @06:04AM (#8597078)

    Can anybody help me and define the limits of the problem "the war against terrorism"?


    It strikes much of the issue is defining the problem, hey we're geeks right, give us a spec to build to, yup? This seems to be the chief concern of slashdot posters so far, that the problem has not been bounded and there are varying interpretations being made on what the problem is. How can we define the problem? Or are we accepting that the term is a worthless media and political construct to sell newspapers and justify military/ intelligence spending? Can we frame this fuzzy problem in a more meaningful way?

    • Can anybody help me and define the limits of the problem "the war against terrorism"?

      The human world is made up of human beings who exasperatingly insist on exhibiting human nature.

      Extrapolate.

      Predict what your girlfriend is going to do, as well as where and when.

      Now all you have to do is expand that technology to encompass the general populace.

      Did that help?

      KFG
      • by Anonymous Coward
        No. In fact that's exactly the sort of naive thinking that landed us here in this mess to start with.

        Many men far wiser than us have pondered the human mind, and we have discovered its complexity and depth are pretty much beyond comprehension. ( I know PhDs in cognitive science, AI and psychology who all say the same thing so dont even argue the point unless you fall into that category ) Deterministic behaviourism is a childs philosophy, as are the many inadequate and naive tools used by so called 'anti -
    • This is just an opinion but it seems like the war on terrorism isn't a problem, it's a solution. How so? Politicians use it to much their agenda in the name of the "solution". Re-elect Bush Jr for the war on terrorism! This software is part of the "solution". In truth, the war on terrorism is about effective as the war on drugs. Look at a country with real terrorist problems like Israel -- responding with force just leads to more bloodshed on both sides. Americans write Osama off as being a wacky insane l
  • by mu-sly ( 632550 ) on Thursday March 18, 2004 @06:05AM (#8597079) Homepage Journal

    Obligatory quote:

    "Those willing to give up a little liberty for a little security deserve neither security nor liberty." - Benjamin Franklin

    My personal opinion on the matter is that you can't fight a war against terrorism without looking at what the root causes of that terrorism are. The fact is, that at the moment the west is seemingly willing to just overlook what the causes of terrorism are, and are trying to just blow the terrorists to smithereens.

    When will people learn that labelling people "terrorists" and killing them just creates new "terrorists" at an exponential rate? As far as these "terrorists" are concerned, America and the UK are "terrorists" too.

    Clever tracking software or not, "terrorists" are not going to go away until we start looking at why they are "terrorists" in the first place.

    Just because a government chooses to carry out military activities, doesn't make them any less terroristic or any more legitimate.

    Perhaps those doubting the terrorism carried out by the US and allies in Iraq should check this page [mykeru.com] for help in visualising the numbers.

    • Except that Benjamin Franklin never said that.

      What he did say is this: "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."

      Puts it in a different light, doesn't it?

      And the bodycount site you link to is, not to put to fine a point on it, a complete lie. Deaths of Iraqi civilians caused by our (and their) enemies is presented as though it was caused by the US and its allies. And even that needs to be contrasted against the thousands of

      • by mu-sly ( 632550 )

        I'm not anti-American. I'm anti the actions of the American government under the banner of "the war against terror", because it is utter bullshit.

        The only correct reaction to terrorism is no reaction at all. Give them an inch, and they'll take a mile. By reacting to terrorist attacks in such a knee-jerk frenzy of panic, we have already lost the war against terror, because it has taken the grip on society that the terrorists wanted it to take.

        I'm not saying terrorism is right - it's clearly not. But

    • Bullshit.

      As far as these "terrorists" are concerned, America and the UK are evil operatives in some primitive religious war. And when I say "evil", I mean it literally, in the basic religous working-for-the-wrong-team sense of the word.

      Their viewpoint isn't remotely oriented to a concept like terrorism.

      As victims of terrorism, our initial basic preference is simply that the whole problem be laid to rest. On the other hand, their initial preference is that we die.

      Today the situation has escalated to the
      • This is not a religious war. But this is a religious and philosphical conflict that has been hijacked by clever manipulative fanatics. The Base is only interested in killing "Westerners" because it increases their support amongst disafected Muslim youth.

        The end game of the terrorist is probably the overthrow of current governments in Muslim countries. Killing Westerners is their Walt Disney propaganda channel. So it is absolutely true to say that negociating with Al Quaida is pointless, they dont want anyt
    • by overunderunderdone ( 521462 ) on Thursday March 18, 2004 @09:13AM (#8597936)
      My personal opinion on the matter is that you can't fight a war against terrorism without looking at what the root causes of that terrorism are

      True enough, but most people that say so aren't really interested in finding out - they *think* they already know. They'll cite poverty, or income inequality, colonialism and western arrogance. Yet in their own example of patronizing western arrogance they refuse to take the terrorists own statements about motives at face value. Apparently they believe brown people are incapable of self-knowledge and must be deciphered by enlightened western intellectuals to discern their "real" motives. In this regard the conservatives grant the terrorists more dignity as fellow humans - they take the terrorists at their word regarding motives and goals and find no room for compromise.

      The islamist terrorists want an end to western colonialism, including not only the withdrawal of U.S. troops and the abolition of Israel (and the withdrawal of Spain from Andalusia) but also to be free from the imposition of western values regarding the status of women in society and quant western notions about "human rights". They want to establish a pure islamic society governed by sharia law as interpreted by the most extreme wahhabi doctrine. Their religion teaches an absolute morality, it teaches that man is not fallen, nor is he good, but that man is weak and needs the help (control) of the theocratic state in order to live a virtuous life. Their doctrine also teaches that those outside of the helpful control of the theocratic state must someday be brought in to it (for their own good of course). Any loss of territory is cause for jihad - holy war to recover land and peoples that had once been under submission to God. The theocratic state must ever expand - never shrink.

      The people that believe this and that join al quaeda are NOT the poor and downtrodden but members of the ruling and middle classes. Well educated, reasonably wealthy, even quasi-westernized believers of a triumphalist, extreme Wahabism. They feel humiliated by western success and Islamic failure and by the past and present wrongs of colonialism and the decline of their culture currently and most shockingly represented by westernized women freely going about uncovered against all tradition and religious doctrine.
  • Hashing & Privacy (Score:5, Interesting)

    by PingKing ( 758573 ) on Thursday March 18, 2004 @06:09AM (#8597099)
    I thought the whole point of hash encryption was that it's not able to ever be unencrypted, even by the legitimate users?

    In order to check if there is a matching telephone number, you would first have to run the encryption algorithm on the number and then match this against every encrypted number you have in your data store. So if the two encrypted strings are equal, you have a match. But there is no way to know what the encrypted number is unless you have something to test for in the first place.

    But I'm not sure how much use that is. Wouldn't you then need to be able to see who's number that is, i.e. decrypt the person's personal data?

    Also, it would be interesting to see what the reaction to this software would be in the EU what with its Data Protection directive. Storing personal details about someone is prohibited except for certain circumstances... long term storage of someone's personal data for distribution to companies is not one of them. Whether the encryption of the data would make this acceptable or not would make for an interesting argument.
    • Err no. (Score:5, Informative)

      by CountBrass ( 590228 ) on Thursday March 18, 2004 @06:42AM (#8597193)

      Hashing != encryption.

      Encryption is intended to be unencrypted.

      Hashing is one way because it involves information loss. It is not encryption: there is nothing secret. For example simple hashing algorithm might be "take the ascii value for each character in string and add them all up, rolling over each time you reach 10,000". The result will be a hash. Which is dependent on the data you put in- is impossible to *directly* extract the original data (you could use a lookup table to do it). As I said though, this is NOT encryption.

  • by hplasm ( 576983 ) on Thursday March 18, 2004 @06:09AM (#8597100) Journal
    ..then tries to determine who that person may be connected with.

    everyone will be connected with Bush andBin Laden....

    • everyone will be connected with Bush andBin Laden....

      It doesn't take "six degrees" to separate W and Bin Laden. The Bin Laden family was a major investor in W's first company, Harkin Energy (of which he was CEO). That doesn't necessarily mean anything, but it does show what a small world we live in...

    • by Imperator ( 17614 ) <{slashdot2} {at} {omershenker.net}> on Thursday March 18, 2004 @09:36AM (#8598174)

      Yeah, especially given that Bush and bin Laden are connected by much fewer than six degrees...

      Consider how nicely the bin Laden family was treated in the days immediately following 9/11, when the government allowed a plane to fly around and pick them up to take them out of the country after only the most cursory FBI screening. (No one else was allowed to fly at the time except the military.) I mean, normally the relatives of a suspect in a murder will be questioned to see if they can lead you to the suspect or provide any evidence that he either did or didn't do the crime. But Bushes and the bin Ladens go way back [uni-muenster.de], and they got off the hook. Way to be "strong on terrorism", Bush.

  • by irikar ( 751706 ) on Thursday March 18, 2004 @06:15AM (#8597125)
    ...a scheme that races through oodles of data to figure out if people are connected with unsavory characters. And it does all this in mere seconds. The casinos were delighted. "The record speaks for itself," says Mirage spokesman Alan Feldman. "We have zero problems.

    Zero problems, but how many innocent people wrongly flagged as being unsavory?

    How does this SRD system measure the accuracy of its conclusions?

    • There are "zero problems" due to the environment in which the system was deployed. A Casino is a private club free to bar membership on any arbitrary basis wit a lot to loose if they were to admit a "frequently successful" or dishonest punter. Hell - the innocent may even be thought of as benefiting though a false-positive on this system preventing them from loosing to the house!
    • how many innocent people wrongly flagged as being unsavory?

      I prefer being an "unsavory character" ... that way, I'm less likely to be eaten alive ... although, yes, they may chew me up and spit me out.

      -kgj
  • by hardcode57 ( 734460 ) on Thursday March 18, 2004 @06:26AM (#8597156) Journal
    The peoples of democratic countries need to wake up to the fact that terrorism represents less of a threat than their own governments' response to it. Even 9/11, the worst terrorist attack in history, did not do much to increase the annual rate of homicides in the US. It remains much more dangerous to cross the street, drive to the supermarket, walk in the hills, or go for a drink on a weekend night (let alone smoking or eating burgers). We need to accept, and insist our governments accept, that there are risks involved in the world, of which terrorism is by no means the greatest, and that these cannot be eliminated while maintining a reasonable quality of life.
    • What's absurd is that you're willing to accept a military assualt on your nation's own soil, one which results in more than 3,000 simultaneous deaths and billions of dollars in damage, as a mere "risk involved in the world".

      What's absurd is that you'd be so stupid as to compare the simple outright murder of thousands of people -- to the risks you imagine exist when you take "a walk in the hills".

      So tell me, Voice of Restraint, where do you draw the line? After all, Ted Bundy offing all those college girls
      • I don't say that we shouldn't fight terror, any more than we shouldn't fight crime. What I'm saying, albeit poorly, is that in deciding the balance between individual liberty and the fight against terror, we must take a step back and look at what terrorism actually does. Physically, the effects are not statisticly significant. The real effect is, as the word terrorism implies, the emotional impact that it has on society.
        If we let our response be governed by that reaction, we lose our liberties, and the ter
        • That would have been a much more reasonable post. I agree, the encroachment of our rights in the name of this "war on terror" have already gone too far, and I believe they'll only get worse, and in some respect that could be construed as a minor victory for the terrorists.

          However, I have to say that your second post doesn't appear to follow as a logical conclusion from your original post. (And unless I missed something in the original article, I can't see where you might have simply been responding to some
  • To what degree... (Score:4, Insightful)

    by Sciamachy ( 198192 ) <sciamachy@[ ]il.com ['gma' in gap]> on Thursday March 18, 2004 @06:33AM (#8597171) Homepage
    ...does this work? I mean, the theory goes that we're all connected by 6 degrees of seperation. How do they define a connection? Depending on these factors, anyone could be condemned as connected somehow with undesirables.
  • by wfberg ( 24378 ) on Thursday March 18, 2004 @06:44AM (#8597198)
    Pure and simple.
  • by MavEtJu ( 241979 ) <<gro.ujtevam> <ta> <todhsals>> on Thursday March 18, 2004 @06:54AM (#8597238) Homepage
    If you search deep enough, you'll find something which will link me to a terrorist group. Just broaden your definition of terrorism wide enough, make the links deep enough and oh my...

    It will be cheaper to put a fence around the whole country I'm living in than to build prisons for all of us.
  • Dumb idea... (Score:5, Insightful)

    by shic ( 309152 ) on Thursday March 18, 2004 @07:09AM (#8597281)
    It is not sensible to publish this data - even in "anonymous form." Use of hashing will only prevent a party with access to the hash from directly reverse engineering the hashed data to arrive at a list of suspect names - however this completely misses the mark.

    If I were a terrorist organisation planning something like 9/11 and I knew many of my lemming-recruits would be identified by airport security as risks, I would process my terrorist volunteers myself and only send those who would not raise any eyebrows. This information (anonymous though it is) would be of great value as it would eliminate another uncertainty from the evil plan.

    If I were a private individual with interest in knowing the identities of all suspects then I would be able to mount a dictionary attack using, say, the electoral role or census data - with only a few billion people worldwide, a modest cluster of PCs would be able to exhaustively search for matches in reasonable time.

    Finally - if this anonymous data were to be available only to authorities to whom the raw information would otherwise have been available then this approach is still a disadvantage. Without access to the reason for someone matching, it will make it much harder for authorities to make appropriate judgement calls based upon a match. The mere possibility that a match might be due to a hashing collision or data- entry errors prior to hashing could result in the wrong decisions being taken. There is certainly a risk that without information on why someone is a suspected risk that related vital clues may be missed - possibly resulting in an otherwise preventable disaster.

  • ...so the government can share this information with the private sector to look for hits, without the private sector seeing the specific data.

    I was under the impression it would require a strong level of DRM to enforce such a thing. And in fact the DRM would be the only thing special about this. Aside form DRM, how is this not just another database!?
  • a pdf [counterpane.com] describing "clueless agents" that can search through a dataset (or do other things) without the agent's code itself revealing what they are looking for/about to do.
  • Terrorists winning (Score:3, Insightful)

    by tehanu ( 682528 ) on Thursday March 18, 2004 @09:00AM (#8597857)
    Has anyone in government thought about, if the terrorists stated aims really *are* to "destroy freedom and democracy", if we give up "essential liberties" for a little "temporary safety" or state heading down the path of a police state, or Fortress America, that the terrorists will in fact, have won.
  • The book Translucent Databases describes much of the same ideas. The website is here [wayner.org].

  • Perhaps it's more freindly than Big Brother, but there's still that gods-awful-huge uncheckably-and-doubtfully-accurate master database somewhere.

  • by Anonymous Coward
    Really, this is all such bullshit.
    Nasa with mind reading shit, BB reading my email and watching the websites I visit. WTF?

    You don't trust me? Fuck you.

    This is NOT the America that I was born into.
    America has turned into a third world police state. We are all treated as suspects and potential enemies of the state. You trample my rights? Fuck you too.

    Kiss the Bill of Rights goodbye, they've wiped their asses with it and flushed it down the toilet. Anyone in the 40+ age range knows what I'm talking ab
  • by Black Art ( 3335 ) on Thursday March 18, 2004 @01:18PM (#8601040)
    They need to call it "Fiendster".

    I predict the next technology that will be used to find terrorists will be dowsing rods.

    Oh wait...
  • This is a huge threat to civil liberties. Typical citizens will still be safe for a while. This won't have a major impact on citizens until the technology is passed from the spy agencies (eg. CIA) to the police agencies (eg. FBI). Not really sure when this will happen but at the rate the "war" on terrorism is going, it may be tomorrow...

    Sivaram Velauthapillai
  • And it's not stupid because it's a privacy invasion, it's stupid because it makes it more likely terrorists can get past the system.


    All they have to do is figure out their position on this 'watch list', which is easy enough to do with the ability to query the list in private hands. Then pick the least suspected one of them to carry the bomb. If they want to be really clever, send a half dozen really suspicious people in in front of the guy with the bomb, so security is busy and they won't get hit with a random search.


    Flagging suspicious people in ways they can find out they have been flagged is so mind-bogglingly stupid anyone suggesting it should be utterly shunned by the security community. Hello, terrorists normally operating in groups! In any group, there's going to be a few people we've never suspected, and we must never let the terrorists know which ones those are!

"The following is not for the weak of heart or Fundamentalists." -- Dave Barry

Working...